nextjs-cms 0.5.9 → 0.5.10

package/dist/core/sections/simple.d.ts

@@ -1,99 +1,99 @@
-import { entityKind } from "../helpers.js";
-import type { BaseSectionOptions } from "./section.js";
-import { Section } from "./section.js";
-import { FieldGroupConfig, type FieldConfig } from "../fields.js";
-import * as z from 'zod';
-declare const configSchema: z.ZodObject<{
-    title: z.ZodString;
-    db: z.ZodObject<{
-        table: z.ZodString;
-    }, z.core.$strict>;
-}, z.core.$strict>;
-type Config = z.infer<typeof configSchema>;
-export declare class SimpleSection extends Section<Config> {
-    static readonly [entityKind] = "SimpleSection";
-    readonly type = "simple";
-    title: string;
-    constructor(config: BaseSectionOptions<Config>);
-}
-declare const optionsSchema: z.ZodObject<{
-    title: z.ZodString;
-    db: z.ZodObject<{
-        table: z.ZodString;
-    }, z.core.$strict>;
-    fields: z.ZodUnion<[z.ZodArray<z.ZodCustom<FieldConfig, FieldConfig>>, z.ZodArray<z.ZodCustom<FieldGroupConfig, FieldGroupConfig>>]>;
-    name: z.ZodString;
-    variants: z.ZodOptional<z.ZodArray<z.ZodCustom<import("../types.js").Variant, import("../types.js").Variant>>>;
-    order: z.ZodNumber;
-    readonly: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
-    icon: z.ZodOptional<z.ZodString>;
-    gallery: z.ZodOptional<z.ZodObject<{
-        db: z.ZodObject<{
-            tableName: z.ZodString;
-            identifierField: z.ZodOptional<z.ZodString>;
-            photoNameField: z.ZodOptional<z.ZodString>;
-            metaField: z.ZodOptional<z.ZodString>;
-        }, z.core.$strict>;
-        watermark: z.ZodOptional<z.ZodBoolean>;
-        thumbnail: z.ZodOptional<z.ZodObject<{
-            width: z.ZodNumber;
-            height: z.ZodNumber;
-            crop: z.ZodBoolean;
-            quality: z.ZodNumber;
-        }, z.core.$strict>>;
-    }, z.core.$strict>>;
-    hooks: z.ZodOptional<z.ZodCustom<import("./section.js").Hooks, import("./section.js").Hooks>>;
-}, z.core.$strict>;
-declare const simpleSectionConfigSchema: z.ZodObject<{
-    type: z.ZodLiteral<"simple">;
-    fields: z.ZodArray<z.ZodCustom<FieldConfig, FieldConfig>>;
-    build: z.ZodFunction<z.core.$ZodFunctionArgs, z.ZodCustom<SimpleSection, SimpleSection>>;
-    fieldGroups: z.ZodOptional<z.ZodArray<z.ZodCustom<FieldGroupConfig, FieldGroupConfig>>>;
-    title: z.ZodString;
-    db: z.ZodObject<{
-        table: z.ZodString;
-    }, z.core.$strict>;
-    name: z.ZodString;
-    variants: z.ZodOptional<z.ZodArray<z.ZodCustom<import("../types.js").Variant, import("../types.js").Variant>>>;
-    order: z.ZodNumber;
-    readonly: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
-    icon: z.ZodOptional<z.ZodString>;
-    gallery: z.ZodOptional<z.ZodObject<{
-        db: z.ZodObject<{
-            tableName: z.ZodString;
-            identifierField: z.ZodOptional<z.ZodString>;
-            photoNameField: z.ZodOptional<z.ZodString>;
-            metaField: z.ZodOptional<z.ZodString>;
-        }, z.core.$strict>;
-        watermark: z.ZodOptional<z.ZodBoolean>;
-        thumbnail: z.ZodOptional<z.ZodObject<{
-            width: z.ZodNumber;
-            height: z.ZodNumber;
-            crop: z.ZodBoolean;
-            quality: z.ZodNumber;
-        }, z.core.$strict>>;
-    }, z.core.$strict>>;
-    hooks: z.ZodOptional<z.ZodCustom<import("./section.js").Hooks, import("./section.js").Hooks>>;
-}, z.core.$strict>;
-export type SimpleSectionOptions = z.infer<typeof optionsSchema>;
-/**
- * Simple section configuration
- * This is the output of the simpleSection() helper function, it that can be serialized and used anywhere
- * The build() method allows creating a SimpleSection instance when needed
- */
-export type SimpleSectionConfig = z.infer<typeof simpleSectionConfigSchema>;
-/**
- * Helper function to create a simple section configuration
- * Returns a config object with a build() method that can be serialized and used anywhere
- *
- * @example
- * ```typescript
- * const sectionConfig = simpleSection({ name: 'settings', ... })
- * const sectionInstance = sectionConfig.build()
- * ```
- *
- * @param section
- */
-export declare function simpleSection(section: SimpleSectionOptions): SimpleSectionConfig;
-export {};
+import { entityKind } from '../helpers/index.js';
+import type { BaseSectionOptions } from './section.js';
+import { Section } from './section.js';
+import type { FieldGroupConfig, FieldConfig } from '../fields/index.js';
+import * as z from 'zod';
+declare const configSchema: z.ZodObject<{
+    title: z.ZodString;
+    db: z.ZodObject<{
+        table: z.ZodString;
+    }, z.core.$strict>;
+}, z.core.$strict>;
+type Config = z.infer<typeof configSchema>;
+export declare class SimpleSection extends Section<Config> {
+    static readonly [entityKind] = "SimpleSection";
+    readonly type = "simple";
+    title: string;
+    constructor(config: BaseSectionOptions<Config>);
+}
+declare const optionsSchema: z.ZodObject<{
+    title: z.ZodString;
+    db: z.ZodObject<{
+        table: z.ZodString;
+    }, z.core.$strict>;
+    fields: z.ZodUnion<[z.ZodArray<z.ZodCustom<FieldConfig, FieldConfig>>, z.ZodArray<z.ZodCustom<FieldGroupConfig, FieldGroupConfig>>]>;
+    name: z.ZodString;
+    variants: z.ZodOptional<z.ZodArray<z.ZodCustom<import("../types/index.js").Variant, import("../types/index.js").Variant>>>;
+    order: z.ZodNumber;
+    readonly: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
+    icon: z.ZodOptional<z.ZodString>;
+    gallery: z.ZodOptional<z.ZodObject<{
+        db: z.ZodObject<{
+            tableName: z.ZodString;
+            identifierField: z.ZodOptional<z.ZodString>;
+            photoNameField: z.ZodOptional<z.ZodString>;
+            metaField: z.ZodOptional<z.ZodString>;
+        }, z.core.$strict>;
+        watermark: z.ZodOptional<z.ZodBoolean>;
+        thumbnail: z.ZodOptional<z.ZodObject<{
+            width: z.ZodNumber;
+            height: z.ZodNumber;
+            crop: z.ZodBoolean;
+            quality: z.ZodNumber;
+        }, z.core.$strict>>;
+    }, z.core.$strict>>;
+    hooks: z.ZodOptional<z.ZodCustom<import("./section.js").Hooks, import("./section.js").Hooks>>;
+}, z.core.$strict>;
+declare const simpleSectionConfigSchema: z.ZodObject<{
+    type: z.ZodLiteral<"simple">;
+    fields: z.ZodArray<z.ZodCustom<FieldConfig, FieldConfig>>;
+    build: z.ZodFunction<z.core.$ZodFunctionArgs, z.ZodCustom<SimpleSection, SimpleSection>>;
+    fieldGroups: z.ZodOptional<z.ZodArray<z.ZodCustom<FieldGroupConfig, FieldGroupConfig>>>;
+    title: z.ZodString;
+    db: z.ZodObject<{
+        table: z.ZodString;
+    }, z.core.$strict>;
+    name: z.ZodString;
+    variants: z.ZodOptional<z.ZodArray<z.ZodCustom<import("../types/index.js").Variant, import("../types/index.js").Variant>>>;
+    order: z.ZodNumber;
+    readonly: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
+    icon: z.ZodOptional<z.ZodString>;
+    gallery: z.ZodOptional<z.ZodObject<{
+        db: z.ZodObject<{
+            tableName: z.ZodString;
+            identifierField: z.ZodOptional<z.ZodString>;
+            photoNameField: z.ZodOptional<z.ZodString>;
+            metaField: z.ZodOptional<z.ZodString>;
+        }, z.core.$strict>;
+        watermark: z.ZodOptional<z.ZodBoolean>;
+        thumbnail: z.ZodOptional<z.ZodObject<{
+            width: z.ZodNumber;
+            height: z.ZodNumber;
+            crop: z.ZodBoolean;
+            quality: z.ZodNumber;
+        }, z.core.$strict>>;
+    }, z.core.$strict>>;
+    hooks: z.ZodOptional<z.ZodCustom<import("./section.js").Hooks, import("./section.js").Hooks>>;
+}, z.core.$strict>;
+export type SimpleSectionOptions = z.infer<typeof optionsSchema>;
+/**
+ * Simple section configuration
+ * This is the output of the simpleSection() helper function, it that can be serialized and used anywhere
+ * The build() method allows creating a SimpleSection instance when needed
+ */
+export type SimpleSectionConfig = z.infer<typeof simpleSectionConfigSchema>;
+/**
+ * Helper function to create a simple section configuration
+ * Returns a config object with a build() method that can be serialized and used anywhere
+ *
+ * @example
+ * ```typescript
+ * const sectionConfig = simpleSection({ name: 'settings', ... })
+ * const sectionInstance = sectionConfig.build()
+ * ```
+ *
+ * @param section
+ */
+export declare function simpleSection(section: SimpleSectionOptions): SimpleSectionConfig;
+export {};
 //# sourceMappingURL=simple.d.ts.map

package/dist/core/sections/simple.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"simple.d.ts","sourceRoot":"","sources":["../../../src/core/sections/simple.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AACvC,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AACnD,OAAO,EAAmC,OAAO,EAAE,MAAM,WAAW,CAAA;AACpE,OAAO,EAAE,gBAAgB,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAA;AAC9D,OAAO,KAAK,CAAC,MAAM,KAAK,CAAA;AAGxB,QAAA,MAAM,YAAY;;;;;kBAiBhB,CAAA;AAEF,KAAK,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAA;AAE1C,qBAAa,aAAc,SAAQ,OAAO,CAAC,MAAM,CAAC;IAC9C,gBAAyB,CAAC,UAAU,CAAC,mBAAkB;IACvD,SAAkB,IAAI,YAAW;IACxB,KAAK,EAAE,MAAM,CAAA;gBAEV,MAAM,EAAE,kBAAkB,CAAC,MAAM,CAAC;CAIjD;AAED,QAAA,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAGjB,CAAA;AAOF,QAAA,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAK7B,CAAA;AAEF,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAA;AAEhE;;;;GAIG;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAA;AAE3E;;;;;;;;;;;GAWG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,mBAAmB,CA6ChF"}
+{"version":3,"file":"simple.d.ts","sourceRoot":"","sources":["../../../src/core/sections/simple.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAA;AACtD,OAAO,EAAE,OAAO,EAAmC,MAAM,cAAc,CAAA;AACvE,OAAO,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AACvE,OAAO,KAAK,CAAC,MAAM,KAAK,CAAA;AAGxB,QAAA,MAAM,YAAY;;;;;kBAiBhB,CAAA;AAEF,KAAK,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAA;AAE1C,qBAAa,aAAc,SAAQ,OAAO,CAAC,MAAM,CAAC;IAC9C,gBAAyB,CAAC,UAAU,CAAC,mBAAkB;IACvD,SAAkB,IAAI,YAAW;IACxB,KAAK,EAAE,MAAM,CAAA;gBAEV,MAAM,EAAE,kBAAkB,CAAC,MAAM,CAAC;CAIjD;AAED,QAAA,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAGjB,CAAA;AAOF,QAAA,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAK7B,CAAA;AAEF,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAA;AAEhE;;;;GAIG;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAA;AAE3E;;;;;;;;;;;GAWG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,mBAAmB,CA6ChF"}

package/dist/core/sections/simple.js

@@ -1,95 +1,95 @@
-import { entityKind } from "../helpers.js";
-import { baseHelperFunctionOptionsSchema, Section } from "./section.js";
-import * as z from 'zod';
-import { FieldGroupConfigSchema, fieldConfigSchema } from "./section.js";
-const configSchema = z.strictObject({
-    title: z.string('Section title is required').describe('The title of the section'),
-    db: z
-        .strictObject({
-        table: z
-            .string('Table name is required')
-            .describe('The name of the database table to use for this section'),
-    }, {
-        error: 'DB configuration is required',
-    })
-        .describe('In simple sections, the identifier field is a number field with the name `id`, and always has the value of 1 in the database table')
-        .describe('The database configuration for this section'),
-});
-export class SimpleSection extends Section {
-    static [entityKind] = 'SimpleSection';
-    type = 'simple';
-    title;
-    constructor(config) {
-        super(config);
-        this.title = config.title;
-    }
-}
-const optionsSchema = z.strictObject({
-    ...baseHelperFunctionOptionsSchema.shape,
-    ...configSchema.shape,
-});
-const compiledOptionsSchema = z.strictObject({
-    ...optionsSchema.shape,
-    fieldGroups: z.array(FieldGroupConfigSchema).optional().describe('The field groups of the section if provided'),
-});
-const simpleSectionConfigSchema = z.strictObject({
-    ...compiledOptionsSchema.shape,
-    type: z.literal('simple').describe('The type of the section'),
-    fields: z.array(fieldConfigSchema).describe('The fields of the section'),
-    build: z.function().output(z.instanceof(SimpleSection)).describe('Build a SimpleSection instance from this config'),
-});
-/**
- * Helper function to create a simple section configuration
- * Returns a config object with a build() method that can be serialized and used anywhere
- *
- * @example
- * ```typescript
- * const sectionConfig = simpleSection({ name: 'settings', ... })
- * const sectionInstance = sectionConfig.build()
- * ```
- *
- * @param section
- */
-export function simpleSection(section) {
-    /**
-     * Validate the section config
-     */
-    const result = optionsSchema.safeParse(section);
-    if (!result.success) {
-        throw new Error(`[Section: ${section.name}]: ${z.prettifyError(result.error)}`);
-    }
-    /**
-     * Resolve fields and fieldGroups
-     */
-    let fields = [];
-    let fieldGroups = [];
-    if (section.fields && section.fields.length > 0) {
-        const firstInput = section.fields[0];
-        /**
-         * Check if the first item is a field group.
-         * We don't need to check every item,
-         * because zod already validated the fields array.
-         */
-        if (firstInput && 'fields' in firstInput) {
-            fieldGroups = section.fields;
-            fields = fieldGroups.flatMap((group) => group.fields);
-        }
-        else {
-            fields = section.fields;
-        }
-    }
-    const config = {
-        ...section,
-        fields,
-        fieldGroups: fieldGroups.length > 0 ? fieldGroups : undefined,
-        type: 'simple',
-        build() {
-            return new SimpleSection({
-                ...section,
-                fields,
-                fieldGroups: fieldGroups.length > 0 ? fieldGroups : undefined,
-            });
-        },
-    };
-    return config;
-}
+import { entityKind } from '../helpers/index.js';
+import { Section, baseHelperFunctionOptionsSchema } from './section.js';
+import * as z from 'zod';
+import { FieldGroupConfigSchema, fieldConfigSchema } from './section.js';
+const configSchema = z.strictObject({
+    title: z.string('Section title is required').describe('The title of the section'),
+    db: z
+        .strictObject({
+        table: z
+            .string('Table name is required')
+            .describe('The name of the database table to use for this section'),
+    }, {
+        error: 'DB configuration is required',
+    })
+        .describe('In simple sections, the identifier field is a number field with the name `id`, and always has the value of 1 in the database table')
+        .describe('The database configuration for this section'),
+});
+export class SimpleSection extends Section {
+    static [entityKind] = 'SimpleSection';
+    type = 'simple';
+    title;
+    constructor(config) {
+        super(config);
+        this.title = config.title;
+    }
+}
+const optionsSchema = z.strictObject({
+    ...baseHelperFunctionOptionsSchema.shape,
+    ...configSchema.shape,
+});
+const compiledOptionsSchema = z.strictObject({
+    ...optionsSchema.shape,
+    fieldGroups: z.array(FieldGroupConfigSchema).optional().describe('The field groups of the section if provided'),
+});
+const simpleSectionConfigSchema = z.strictObject({
+    ...compiledOptionsSchema.shape,
+    type: z.literal('simple').describe('The type of the section'),
+    fields: z.array(fieldConfigSchema).describe('The fields of the section'),
+    build: z.function().output(z.instanceof(SimpleSection)).describe('Build a SimpleSection instance from this config'),
+});
+/**
+ * Helper function to create a simple section configuration
+ * Returns a config object with a build() method that can be serialized and used anywhere
+ *
+ * @example
+ * ```typescript
+ * const sectionConfig = simpleSection({ name: 'settings', ... })
+ * const sectionInstance = sectionConfig.build()
+ * ```
+ *
+ * @param section
+ */
+export function simpleSection(section) {
+    /**
+     * Validate the section config
+     */
+    const result = optionsSchema.safeParse(section);
+    if (!result.success) {
+        throw new Error(`[Section: ${section.name}]: ${z.prettifyError(result.error)}`);
+    }
+    /**
+     * Resolve fields and fieldGroups
+     */
+    let fields = [];
+    let fieldGroups = [];
+    if (section.fields && section.fields.length > 0) {
+        const firstInput = section.fields[0];
+        /**
+         * Check if the first item is a field group.
+         * We don't need to check every item,
+         * because zod already validated the fields array.
+         */
+        if (firstInput && 'fields' in firstInput) {
+            fieldGroups = section.fields;
+            fields = fieldGroups.flatMap((group) => group.fields);
+        }
+        else {
+            fields = section.fields;
+        }
+    }
+    const config = {
+        ...section,
+        fields,
+        fieldGroups: fieldGroups.length > 0 ? fieldGroups : undefined,
+        type: 'simple',
+        build() {
+            return new SimpleSection({
+                ...section,
+                fields,
+                fieldGroups: fieldGroups.length > 0 ? fieldGroups : undefined,
+            });
+        },
+    };
+    return config;
+}

package/dist/core/security/dom.d.ts

@@ -1,11 +1,11 @@
-/**
- * Escape a string so it can be safely injected into an HTML text context.
- * Returns `undefined` when the input is `undefined` or `null` to preserve caller intent.
- */
-export declare function escapeHTML(value: string | undefined | null): string | undefined;
-/**
- * Sanitize rich-text/HTML content using DOMPurify with a restrictive allow-list.
- * Always returns a string (empty string when value is undefined or null).
- */
-export declare function sanitizeRichText(value: string | undefined | null): string;
+/**
+ * Escape a string so it can be safely injected into an HTML text context.
+ * Returns `undefined` when the input is `undefined` or `null` to preserve caller intent.
+ */
+export declare function escapeHTML(value: string | undefined | null): string | undefined;
+/**
+ * Sanitize rich-text/HTML content using DOMPurify with a restrictive allow-list.
+ * Always returns a string (empty string when value is undefined or null).
+ */
+export declare function sanitizeRichText(value: string | undefined | null): string;
 //# sourceMappingURL=dom.d.ts.map

package/dist/core/security/dom.js

@@ -1,92 +1,92 @@
-import DOMPurify from 'isomorphic-dompurify';
-const HTML_ESCAPE_LOOKUP = {
-    '&': '&',
-    '<': '&lt;',
-    '>': '&gt;',
-    '"': '&quot;',
-    "'": '&#39;',
-    '/': '&#x2F;',
-    '`': '&#x60;',
-    '/\/': '&#x2F;',
-};
-const HTML_ESCAPE_REGEX = /[&<>"'\/`\/\/]/g;
-/**
- * Escape a string so it can be safely injected into an HTML text context.
- * Returns `undefined` when the input is `undefined` or `null` to preserve caller intent.
- */
-export function escapeHTML(value) {
-    if (value === undefined || value === null) {
-        return value === null ? '' : undefined;
-    }
-    if (!HTML_ESCAPE_REGEX.test(value)) {
-        return value;
-    }
-    return value.replace(HTML_ESCAPE_REGEX, (char) => HTML_ESCAPE_LOOKUP[char]);
-}
-const RICH_TEXT_ALLOWED_TAGS = [
-    'a',
-    'abbr',
-    'b',
-    'blockquote',
-    'br',
-    'caption',
-    'code',
-    'div',
-    'em',
-    'strong',
-    'i',
-    'img',
-    'figure',
-    'figcaption',
-    'hr',
-    'li',
-    'ol',
-    'p',
-    'pre',
-    'span',
-    'sub',
-    'sup',
-    'table',
-    'tbody',
-    'td',
-    'tfoot',
-    'th',
-    'thead',
-    'tr',
-    'u',
-    'ul',
-];
-const RICH_TEXT_ALLOWED_ATTR = [
-    'align',
-    'alt',
-    'class',
-    'data*',
-    'height',
-    'href',
-    'id',
-    'name',
-    'rel',
-    'src',
-    'style',
-    'target',
-    'title',
-    'width',
-];
-const RICH_TEXT_URI_REGEXP = /^(?:(?:https?|mailto|tel|ftp|file):|data:image\/[a-z0-9.+-]+;base64,)/i;
-const RICH_TEXT_SANITIZE_CONFIG = {
-    ALLOWED_TAGS: [...RICH_TEXT_ALLOWED_TAGS],
-    ALLOWED_ATTR: [...RICH_TEXT_ALLOWED_ATTR],
-    ALLOW_DATA_ATTR: true,
-    ALLOWED_URI_REGEXP: RICH_TEXT_URI_REGEXP,
-    FORBID_TAGS: ['style', 'script'],
-};
-/**
- * Sanitize rich-text/HTML content using DOMPurify with a restrictive allow-list.
- * Always returns a string (empty string when value is undefined or null).
- */
-export function sanitizeRichText(value) {
-    if (value === undefined || value === null || value.trim().length === 0) {
-        return '';
-    }
-    return DOMPurify.sanitize(value, RICH_TEXT_SANITIZE_CONFIG);
-}
+import DOMPurify from 'isomorphic-dompurify';
+const HTML_ESCAPE_LOOKUP = {
+    '&': '&amp;',
+    '<': '&lt;',
+    '>': '&gt;',
+    '"': '&quot;',
+    "'": '&#39;',
+    '/': '&#x2F;',
+    '`': '&#x60;',
+    '/\/': '&#x2F;',
+};
+const HTML_ESCAPE_REGEX = /[&<>"'\/`\/\/]/g;
+/**
+ * Escape a string so it can be safely injected into an HTML text context.
+ * Returns `undefined` when the input is `undefined` or `null` to preserve caller intent.
+ */
+export function escapeHTML(value) {
+    if (value === undefined || value === null) {
+        return value === null ? '' : undefined;
+    }
+    if (!HTML_ESCAPE_REGEX.test(value)) {
+        return value;
+    }
+    return value.replace(HTML_ESCAPE_REGEX, (char) => HTML_ESCAPE_LOOKUP[char]);
+}
+const RICH_TEXT_ALLOWED_TAGS = [
+    'a',
+    'abbr',
+    'b',
+    'blockquote',
+    'br',
+    'caption',
+    'code',
+    'div',
+    'em',
+    'strong',
+    'i',
+    'img',
+    'figure',
+    'figcaption',
+    'hr',
+    'li',
+    'ol',
+    'p',
+    'pre',
+    'span',
+    'sub',
+    'sup',
+    'table',
+    'tbody',
+    'td',
+    'tfoot',
+    'th',
+    'thead',
+    'tr',
+    'u',
+    'ul',
+];
+const RICH_TEXT_ALLOWED_ATTR = [
+    'align',
+    'alt',
+    'class',
+    'data*',
+    'height',
+    'href',
+    'id',
+    'name',
+    'rel',
+    'src',
+    'style',
+    'target',
+    'title',
+    'width',
+];
+const RICH_TEXT_URI_REGEXP = /^(?:(?:https?|mailto|tel|ftp|file):|data:image\/[a-z0-9.+-]+;base64,)/i;
+const RICH_TEXT_SANITIZE_CONFIG = {
+    ALLOWED_TAGS: [...RICH_TEXT_ALLOWED_TAGS],
+    ALLOWED_ATTR: [...RICH_TEXT_ALLOWED_ATTR],
+    ALLOW_DATA_ATTR: true,
+    ALLOWED_URI_REGEXP: RICH_TEXT_URI_REGEXP,
+    FORBID_TAGS: ['style', 'script'],
+};
+/**
+ * Sanitize rich-text/HTML content using DOMPurify with a restrictive allow-list.
+ * Always returns a string (empty string when value is undefined or null).
+ */
+export function sanitizeRichText(value) {
+    if (value === undefined || value === null || value.trim().length === 0) {
+        return '';
+    }
+    return DOMPurify.sanitize(value, RICH_TEXT_SANITIZE_CONFIG);
+}